Anti-social networking: Crowdsourcing and the cyber defence of national critical infrastructures

We identify four roles that social networking plays in the 'attribution problem', which obscures whether or not cyber-attacks were state-sponsored. First, social networks motivate individuals to participate in Distributed Denial of Service attacks by providing malware and identifying potential targets. Second, attackers use an individual's social network to focus attacks, through spear phishing. Recipients are more likely to open infected attachments when they come from a trusted source. Third, social networking infrastructures create disposable architectures to coordinate attacks through command and control servers. The ubiquitous nature of these architectures makes it difficult to determine who owns and operates the servers. Finally, governments recruit anti-social criminal networks to launch attacks on third-party infrastructures using botnets. The closing sections identify a roadmap to increase resilience against the 'dark side' of social networking. Practitioner Summary: This paper provides readers with an overview of state-sponsored cyber-attacks. I show how many of these threats have exploited social networks and social media. The aim was to alert practitioners to the dark side of computing, where attackers learn to exploit new interaction techniques and new forms of working.